Hermes Ransomware Deep Dive Pt 2 - Program Overview
View our malware analysis training: https://AGDCservices.com/training/

Follow me on Twitter for RE tips and resources: https://twitter.com/AGDCservices

View our malware analysis products to aid in your RE efforts (Ghidra / Python scripts, tools, and individual analysis results): https://github.com/agdcservices

Get resources to help with learning malware analysis: https://agdcservices.com/blog/resources-for-learning-malware-analysis/

Ransomware is a prevalent threat that all malware analysts should know how to reverse engineer. To further that goal, we will take a deep dive into the analysis of the Hermes ransomware. We will explain the general functions that most ransomware contains and then walk through Hermes in Ghidra to identify and demonstrate the embedded capabilities.

The deep dive malware analysis will be split into multiple videos, with this second video focusing on analyzing the general program flow at an outline level. We will take the first pass of a multi-pass approach to quickly get a “table of contents” level understanding of how the ransomware works.

Once the deep dive video series is complete, the annotated Ghidra file and all associated analysis products will be uploaded to our GitHub page for you to download and review to further your learning: https://github.com/AGDCservices/Collection-Of-Individual-Malware-Analysis-Products

Download the malware samples at https://malshare.com to review in your own analysis lab:

Packed: a5a0964b1308fdb0aeb8bd5b2a0f306c99997c7c076d66eb3ebcdd68405b1da2
Unpacked: 773c5554d6c131c220871a26ee4e2261e26c6ef32ff5818b56d08119e7ef83e3

#ReverseEngineering #MalwareAnalysis #SRE #RE #Ghidra #Hermes #Ransomware #DeepDive